TLS and SSLv3 are vulnerable to a man-in-the-middle attack. This vulnerability is due to a design flaw in the cipher suite renegotiation capability of the protocol, not to a particular implementation defect. The vulnerability allows an attacker to insert his own traffic into the beginning of the client’s application protocol stream.

In order to fully protect against this threat, clients as well as origin content servers must be updated to support secure TLS renegotiation as defined in RFC 5746.

Blue Coat Systems is fixing this vulnerability across all currently supported product lines by implementing RFC 5746 to allow, but not require, secure renegotiation.

Affected Products:

The following products are vulnerable.

Director

All versions of Director prior to 5.5.2.3 are vulnerable.

IntelligenceCenter

All versions of Intelligence Center prior to 3.1.1.1 are vulnerable.

PacketShaper

All versions of PacketShaper prior to 8.5.5 are vulnerable. All versions of PacketShaper 8.6 are vulnerable. All versions of 8.7 are not vulnerable.

Management connections to PacketShaper and connections from PacketShaper to LDAP configuration servers are vulnerable to an attack.
Traffic passing through PacketShaper for classification and shaping cannot be affected since PacketShaper does not serve as a TLS/SSL endpoint. Compression and acceleration tunnels do not use SSL so are not affected.

ProxyAV

All versions of ProxyAV prior to 3.4.1.1 are vulnerable.

ProxySG

All versions of ProxySG prior to 6.1 are vulnerable.

ProxySG uses TLS/SSL to accelerate and control traffic, for management and configuration operations, to interact with other Blue Coat products, and to interact with third party and other Blue Coat servers. All TLS/SSL connections are vulnerable to an attack. ProxySG cannot protect against an attack.

Reporter

All versions of Reporter prior to 9.2.4.1 are vulnerable.

Blue Coat recommends that Reporter be deployed behind the firewall. Given this typical deployment, the CVSS v2 base score is 4.8 (AV:A/AC:L/Au:N/C:N/I:P/A:P).

The following products are not vulnerable to attack because they use SSL/TLS libraries that are provided by the platform. Blue Coat recommends that customers update the underlying operating systems for these products.

ProxyClient

The Proxy Client uses the on-platform TLS/SSL libraries provided by Microsoft. It only establishes a TLS/SSL connection to ProxySG to download new files and configuration and to upload monitoring information. If the connection to ProxySG is targeted, the attacker is limited to injecting malformed or misleading monitoring information.

K9

K9 uses the on-platform TLS/SSL libraries provided by Microsoft.

Advisory Details:

The TLS protocol and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection. This allows an attacker to insert content of his choice at the beginning of the client’s interaction with the server. The attacker will not be able to read the traffic between the client and server.

Initial exploits of this vulnerability have focused on the HTTP protocol. Other protocols that use TLS/SSLv3 are vulnerable as well.

The IETF TLS working group has published RFC 5746 that specifies enhancements to the protocol to support secure renegotiation. Blue Coat Systems is implementing the RFC across affected product lines.

By default, products will support secure renegotiation, but will not require it. This allows Blue Coat products to preserve backwards compatibility with servers and clients that do not support secure renegotiation.

Options are available for each product to require secure renegotiation, thereby providing full protection against attacks that exploit this vulnerability. However, requiring secure renegotiation will cause SSL/TLS connections to clients and/or servers that do not support secure renegotiation to fail.

The following Blue Coat services do not support secure renegotiation at the current time:

license download

secure heartbeat

appliance birth certificate issuance

The following Blue Coat services now support secure renegotiation:

BCWF download

image downloads

Secure connections between Blue Coat products will fail unless both products are updated to support secure renegotiation. For example, a secure ICAP connection between ProxySG and ProxyAV will fail unless both products are updated.

Secure connections with third party servers will fail unless the third party server has been updated to support secure renegotiation. For example, uploading access logs via HTTPS to an Apache or IIS server that has not been updated will fail.

Workarounds:

No workarounds are available.

Patches:

Director

Secure renegotiation support is provided in the following releases. By default, secure renegotiation is required. A CLI option to support but not require secure renegotiation is available.

Director 5.5 - an interim fix is available in 5.5.2.3. The fix is available to customers with a valid BlueTouch Online login from bto.bluecoat.com/download/patch/90138905913689859042842687478968.

Director 5.4 and earlier - please upgrade to a later version.

IntelligenceCenter

Secure renegotion support is provided in the following releases. Clients that support secure renegotiation will be allowed to renegotiate a session key. Clients that do not support secure renegotiation can establish an SSL/TLS session but cannot perform legacy renegotiations.

IntelligenceCenter 3.1 - a fix is available in 3.1.1.1. The fix is available to customers with a valid BlueTouch Online login from bto.bluecoat.com/download/product/33.

IntelligenceCenter 2.1 and earlier - please upgrade to a later version.

PacketShaper/PacketWise/PolicyCenter

Secure renegotiation support is provided in the following releases. A CLI option to require secure renegotiation is available. Secure reneogitation is disabled by default.

Secure renegotion support is provided in the following releases. Clients that support secure renegotiation will be allowed to renegotiate a session key by default. An option is provided in the Management Console to allow clients that do not support secure renegotiation to access ProxyAV.

Secure renegotiation support is provided in the following releases. A CLI option to require secure renegotiation is available and is disabled by default. To enable the option, set the ssl command option force-secure-renegotiation to enable .

ProxySG 6.1 - a fix is available in SGOS 6.1.1.1 or later. The fix is available to customers with a valid BlueTouch Online login from bto.bluecoat.com/download/product/5351.

ProxySG 5.4 - a fix is available in SGOS 5.4.5.1 or later. If you are intercepting SSL, Blue Coat recommends that you upgrade to SGOS 5.4.6.1. The fix is available to customers with a valid BlueTouch Online login from bto.bluecoat.com/download/product/17.

Secure renegotiation support is provided in the following releases. The 9.2 releases do not provide an option to require secure renegotiation. The 9.3 and later releases provide an option to force secure renegotiation.